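/// <summary>
/// Lambda entry point. Walks every IPv4 range of every security group visible to the
/// default credentials, reads the pipe-separated <c>key=value</c> pairs kept in the range
/// description and, when an <c>fqdn</c> pair is present, points the range at the host's
/// current IPv4 address as a /32 and asks EC2 to authorize it.
/// </summary>
/// <remarks>
/// Review notes:
/// - The ingress CIDR follows whatever the name resolves to, so whoever can edit rule
///   descriptions or the DNS record for that name decides which address is let in.
/// - Only Authorize is called; the CIDR that was on the rule before is not revoked here,
///   so a stale address keeps its access until something else removes it.
/// - NOTE(review): the request carries the group's whole permission list, including
///   entries that did not change; EC2 may reject that as a duplicate - confirm.
/// </remarks>
/// <param name="context">Lambda invocation context; not read by this handler.</param>
public void FunctionHandler(ILambdaContext context)
{
    Amazon.EC2.AmazonEC2Client ec2 = new Amazon.EC2.AmazonEC2Client();
    var securityGroups = ec2.DescribeSecurityGroupsAsync().Result.SecurityGroups;

    foreach (var securityGroup in securityGroups)
    {
        var dict = securityGroup.IpPermissions.ToList();
        foreach (var rule in dict)
        {
            if (rule.Ipv4Ranges == null)
            {
                continue;
            }

            foreach (var ipv4rule in rule.Ipv4Ranges)
            {
                // A range without a description carries no fqdn tag; the original
                // dereferenced Description unconditionally and failed on such ranges.
                if (string.IsNullOrEmpty(ipv4rule.Description))
                {
                    continue;
                }

                // Tolerate segments that are not key=value instead of throwing on them.
                string fqdn = null;
                foreach (var segment in ipv4rule.Description.Split('|'))
                {
                    var pair = segment.Split('=');
                    if (pair.Length >= 2 && pair[0] == "fqdn")
                    {
                        fqdn = pair[1];
                        break;
                    }
                }

                if (string.IsNullOrEmpty(fqdn))
                {
                    continue;
                }

                System.Net.IPAddress resolved;
                try
                {
                    // Only an IPv4 address is valid in an IPv4 range with a /32 suffix.
                    resolved = Dns.GetHostEntry(fqdn).AddressList
                        .FirstOrDefault(a => a.AddressFamily == System.Net.Sockets.AddressFamily.InterNetwork);
                }
                catch (System.Net.Sockets.SocketException ex)
                {
                    System.Console.WriteLine("Could not resolve " + fqdn + ": " + ex.Message);
                    continue;
                }

                if (resolved == null)
                {
                    System.Console.WriteLine("No IPv4 address for " + fqdn + "; rule left unchanged.");
                    continue;
                }

                var newCidr = resolved.ToString() + "/32";
                if (ipv4rule.CidrIp == newCidr)
                {
                    // Nothing changed, so there is nothing to authorize.
                    continue;
                }

                ipv4rule.CidrIp = newCidr;

                try
                {
                    // Wait for the call: a task left running when the handler returns may
                    // never complete, and its failure would go unnoticed.
                    ec2.AuthorizeSecurityGroupIngressAsync(new Amazon.EC2.Model.AuthorizeSecurityGroupIngressRequest
                    {
                        GroupId = securityGroup.GroupId,
                        IpPermissions = dict
                    }).GetAwaiter().GetResult();
                }
                catch (Amazon.EC2.AmazonEC2Exception ex)
                {
                    System.Console.WriteLine("Authorize failed for group " + securityGroup.GroupId + ": " + ex.Message);
                }
            }
        }
    }
}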
/// <summary>
/// Creates the wrapped EC2 client for one region from an explicit access key pair.
/// </summary>
/// <param name="region">Region system name, resolved with RegionEndpoint.GetBySystemName.</param>
/// <param name="AccessKey">AWS access key id.</param>
/// <param name="Secret">Secret access key that belongs to <paramref name="AccessKey"/>.</param>
public AWSClass(string region, string AccessKey, string Secret)
{
    // NOTE(review): the key pair arrives as plain strings; where the caller gets it from
    // is not visible here - confirm it is not a literal in source or configuration.
    var endpoint = RegionEndpoint.GetBySystemName(region);
    var keyPair = new Amazon.Runtime.BasicAWSCredentials(AccessKey, Secret);

    _client = new AmazonEC2Client(keyPair, endpoint);
}
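/// <summary>
/// Starts a snapshot of the volume identified by <c>volumeId</c> and prints the id of the
/// snapshot that EC2 reports back.
/// </summary>
public override void Execute()
{
    // NOTE(review): the origin of AWSAuthConnection.OUR_ACCESS_KEY_ID / OUR_SECRET_ACCESS_KEY
    // is not visible here; if they are compiled-in literals the key pair ships with every
    // build and lives in source history - confirm.
    // The client is disposed when the call finishes; the original never released it.
    using (Amazon.EC2.AmazonEC2Client client = new Amazon.EC2.AmazonEC2Client(
        AWSAuthConnection.OUR_ACCESS_KEY_ID,
        AWSAuthConnection.OUR_SECRET_ACCESS_KEY))
    {
        Amazon.EC2.Model.CreateSnapshotRequest request = new Amazon.EC2.Model.CreateSnapshotRequest();
        request.VolumeId = volumeId;

        Amazon.EC2.Model.CreateSnapshotResponse response = client.CreateSnapshot(request);
        string snapshotId = response.CreateSnapshotResult.Snapshot.SnapshotId;

        Console.WriteLine("Started snapshot of volume {0} with snapshot ID {1}", volumeId, snapshotId);
    }
}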
// Deletes the given VPC through a short-lived EC2 client built with the SDK's
// default credentials and region.
private void DeleteVPC(VPC vpc)
{
    using (var client = new Amazon.EC2.AmazonEC2Client())
    {
        var deleteRequest = new Amazon.EC2.Model.DeleteVpcRequest();
        deleteRequest.VpcId = vpc.VPCId;

        client.DeleteVpc(deleteRequest);
    }
}
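/// <summary>
/// Returns the instances of every reservation in one DescribeInstances response,
/// using the SDK's default credentials and region.
/// </summary>
/// <returns>A flat list of instances; empty when the response holds no reservations.</returns>
public List<Instance> GetInstanceList()
{
    var instanceList = new List<Instance>();

    // Dispose the client once the listing is done; the original never released it.
    using (var clientEC2 = new Amazon.EC2.AmazonEC2Client())
    {
        // NOTE(review): a single call is made and no continuation token is followed, so a
        // large account may be listed only in part - confirm against the SDK version in use.
        var describeInstancesResponse = clientEC2.DescribeInstances();
        foreach (var reservation in describeInstancesResponse.Reservations)
        {
            instanceList.AddRange(reservation.Instances);
        }
    }

    return instanceList;
}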
/// <summary>
/// Obtains temporary session credentials from STS and checks that EC2, S3 and
/// Simple Workflow clients built on them can make a listing call. Signature version 4 is
/// switched on for EC2 and S3 through the global AWSConfigs flags for the duration of the
/// test and the previous values are put back afterwards.
/// </summary>
public void TestSessionCredentials()
{
    using (var stsClient = new Amazon.SecurityToken.AmazonSecurityTokenServiceClient())
    {
        AWSCredentials sessionCredentials = stsClient.GetSessionToken().Credentials;

        // The flags are process-wide, so remember them before changing anything.
        var savedEc2SigV4 = AWSConfigs.EC2Config.UseSignatureVersion4;
        var savedS3SigV4 = AWSConfigs.S3Config.UseSignatureVersion4;

        AWSConfigs.EC2Config.UseSignatureVersion4 = true;
        AWSConfigs.S3Config.UseSignatureVersion4 = true;
        try
        {
            using (var ec2Client = new Amazon.EC2.AmazonEC2Client(sessionCredentials))
            {
                var regionList = ec2Client.DescribeRegions().Regions;
                Console.WriteLine(regionList.Count);
            }

            using (var s3Client = new Amazon.S3.AmazonS3Client(sessionCredentials))
            {
                var bucketList = s3Client.ListBuckets().Buckets;
                Console.WriteLine(bucketList.Count);
            }

            // Simple Workflow with the client's default signature settings.
            using (var swfClient = new Amazon.SimpleWorkflow.AmazonSimpleWorkflowClient(sessionCredentials))
            {
                var listRequest = new Amazon.SimpleWorkflow.Model.ListDomainsRequest();
                listRequest.RegistrationStatus = "REGISTERED";

                var domainInfos = swfClient.ListDomains(listRequest).DomainInfos;
                Console.WriteLine(domainInfos.Infos.Count);
            }

            // Simple Workflow again, this time with signature version 4 set on the client config.
            var sigV4Config = new Amazon.SimpleWorkflow.AmazonSimpleWorkflowConfig();
            sigV4Config.SignatureVersion = "4";
            using (var swfClient = new Amazon.SimpleWorkflow.AmazonSimpleWorkflowClient(sessionCredentials, sigV4Config))
            {
                var listRequest = new Amazon.SimpleWorkflow.Model.ListDomainsRequest();
                listRequest.RegistrationStatus = "REGISTERED";

                var domainInfos = swfClient.ListDomains(listRequest).DomainInfos;
                Console.WriteLine(domainInfos.Infos.Count);
            }
        }
        finally
        {
            AWSConfigs.EC2Config.UseSignatureVersion4 = savedEc2SigV4;
            AWSConfigs.S3Config.UseSignatureVersion4 = savedS3SigV4;
        }
    }
}
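/// <summary>
/// Terminates every EC2 instance that is running, pending, stopped or stopping, in each
/// region returned by SharedLibrary.Utilities.GetRegions(), using session credentials
/// obtained by assuming <paramref name="RoleARN"/> per region.
/// </summary>
/// <remarks>
/// Termination cannot be undone and there is no dry-run or confirmation step in this
/// method; the role that is passed in is the only thing that bounds what gets removed.
/// Regions are processed in parallel and each SDK call is waited on synchronously, so a
/// failing call surfaces from Parallel.ForEach as an AggregateException.
/// </remarks>
/// <param name="RoleARN">ARN of the role to assume before listing and terminating.</param>
public async override Task DoAction(string RoleARN)
{
    await base.DoAction(RoleARN);

    var logger = LogManager.GetCurrentClassLogger();

    Parallel.ForEach(SharedLibrary.Utilities.GetRegions(), (region) =>
    {
        logger.Debug($"Checking EC2 instances in region {region.DisplayName }");

        var creds = SharedLibrary.Utilities.AssumeRole(RoleARN, region);
        var sessionCreds = new SessionAWSCredentials(creds.AccessKeyId, creds.SecretAccessKey, creds.SessionToken);

        // One client per region, released when the region is done; the original leaked it.
        using (Amazon.EC2.AmazonEC2Client client = new Amazon.EC2.AmazonEC2Client(sessionCreds, region))
        {
            string nextToken = null;
            do
            {
                var describeInstancesResult = client.DescribeInstancesAsync(new DescribeInstancesRequest
                {
                    Filters = new List<Filter>
                    {
                        new Filter("instance-state-name", new List<string> { "running", "pending", "stopped", "stopping" })
                    },
                    NextToken = nextToken
                }).Result;
                nextToken = describeInstancesResult.NextToken;

                var instances = describeInstancesResult.Reservations.SelectMany(r => r.Instances).ToList();
                if (instances.Count > 0)
                {
                    logger.Debug($"Terminating {instances.Count} EC2 instance(s).");

                    var terminateResult = client.TerminateInstancesAsync(new Amazon.EC2.Model.TerminateInstancesRequest
                    {
                        InstanceIds = instances.Select(a => a.InstanceId).ToList()
                    }).Result;

                    if (terminateResult.HttpStatusCode == System.Net.HttpStatusCode.OK)
                    {
                        logger.Debug($"Successfully terminated {terminateResult.TerminatingInstances.Count} EC2 instance(s).");
                    }
                }
            }
            while (nextToken != null);
        }
    });
}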
// Creates a VPC with the fixed 10.0.0.0/16 block and default tenancy, and returns it
// together with the region taken from AWSConfigs.RegionEndpoint.
private VPC CreateVPC()
{
    var currentRegion = VPCRegion.FindValue(AWSConfigs.RegionEndpoint.SystemName);

    using (var client = new Amazon.EC2.AmazonEC2Client())
    {
        var createRequest = new Amazon.EC2.Model.CreateVpcRequest();
        createRequest.CidrBlock = "10.0.0.0/16";
        createRequest.InstanceTenancy = Amazon.EC2.Tenancy.Default;

        var created = client.CreateVpc(createRequest).Vpc;

        var result = new VPC();
        result.VPCRegion = currentRegion;
        result.VPCId = created.VpcId;
        return result;
    }
}
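/// <summary>
/// Releases the wrapped client and clears the reference to it.
/// </summary>
public void Dispose()
{
    // Clearing the field alone leaves the client's resources to the garbage collector.
    // The field's declared type is not visible here, so dispose only if it supports it.
    // NOTE(review): assumes this object owns the client - confirm it is not shared.
    var disposable = _client as System.IDisposable;
    if (disposable != null)
    {
        disposable.Dispose();
    }

    _client = null;
}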
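/// <summary>
/// Lists the VPCs visible to a stored credential profile in one region and returns them
/// as rows of the table produced by AWSTables.GetVPCDetailsTable().
/// </summary>
/// <param name="aprofile">Name of the stored SDK credential profile to use.</param>
/// <param name="Region2Scan">Region display name, matched against RegionEndpoint.DisplayName.</param>
/// <returns>
/// The filled table. On failure the error is written to the event log and the rows
/// gathered so far are returned.
/// </returns>
public DataTable GetVPCs(String aprofile, string Region2Scan)
{
    string accountid = GetAccountID(aprofile);
    DataTable ToReturn = AWSTables.GetVPCDetailsTable();

    // Convert the Region2Scan to an AWS Endpoint.
    // NOTE(review): a name that matches nothing silently scans US East 1 while the rows
    // are still labelled with Region2Scan - confirm that fallback is wanted.
    RegionEndpoint Endpoint2scan = RegionEndpoint.USEast1;
    foreach (var aregion in RegionEndpoint.EnumerableAllRegions)
    {
        if (aregion.DisplayName.Equals(Region2Scan))
        {
            Endpoint2scan = aregion;
            break;
        }
    }

    try
    {
        Amazon.Runtime.AWSCredentials credential = new Amazon.Runtime.StoredProfileAWSCredentials(aprofile);

        // Release the client after the scan; the original never disposed it.
        using (var ec2 = new Amazon.EC2.AmazonEC2Client(credential, Endpoint2scan))
        {
            foreach (var avpc in ec2.DescribeVpcs().Vpcs)
            {
                DataRow thisvpc = ToReturn.NewRow();
                thisvpc["AccountID"] = accountid;
                thisvpc["Profile"] = aprofile;
                thisvpc["Region"] = Region2Scan;
                thisvpc["VpcID"] = avpc.VpcId;
                thisvpc["CidrBlock"] = avpc.CidrBlock;
                thisvpc["IsDefault"] = avpc.IsDefault.ToString();
                thisvpc["DHCPOptionsID"] = avpc.DhcpOptionsId;
                thisvpc["InstanceTenancy"] = avpc.InstanceTenancy;
                thisvpc["State"] = avpc.State;

                List<string> tlist = new List<string>();
                foreach (var atag in avpc.Tags)
                {
                    tlist.Add(atag.Key + ": " + atag.Value);
                }
                thisvpc["Tags"] = List2String(tlist);

                ToReturn.Rows.Add(thisvpc);
            }
        }
    }
    catch (Exception ex)
    {
        WriteToEventLog("VPC scan of " + aprofile + " failed:" + ex.Message.ToString(), EventLogEntryType.Error);
    }

    return ToReturn;
}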
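/// <summary>
/// Gets the data for EC2 Instances in a given Profile and Region.
/// </summary>
/// <remarks>
/// Instance statuses and instance descriptions are fetched separately and joined on the
/// instance id; an instance that appears in only one of the two listings gets no row.
/// For every instance one DescribeInstanceAttribute call (termination protection) and,
/// when an AMI id is present, one DescribeImages call is made.
/// </remarks>
/// <param name="aprofile">Name of the stored SDK credential profile to use.</param>
/// <param name="Region2Scan">Region display name, matched against RegionEndpoint.DisplayName.</param>
/// <returns>The table from AWSTables.GetComponentTable("EC2") with one row per joined instance.</returns>
public DataTable GetEC2Instances(string aprofile, string Region2Scan)
{
    DataTable ToReturn = AWSTables.GetComponentTable("EC2");
    RegionEndpoint Endpoint2scan = RegionEndpoint.USEast1;
    Amazon.Runtime.AWSCredentials credential = new Amazon.Runtime.StoredProfileAWSCredentials(aprofile);

    // Convert the Region2Scan to an AWS Endpoint.
    // NOTE(review): a name that matches nothing silently scans US East 1 - confirm.
    foreach (var aregion in RegionEndpoint.EnumerableAllRegions)
    {
        if (aregion.DisplayName.Equals(Region2Scan))
        {
            Endpoint2scan = aregion;
            break;
        }
    }

    // Release the client when the scan ends; the original never disposed it.
    using (var ec2 = new Amazon.EC2.AmazonEC2Client(credential, Endpoint2scan))
    {
        string accountid = GetAccountID(aprofile);

        var request = new DescribeInstanceStatusRequest();
        request.IncludeAllInstances = true;
        DescribeInstanceStatusResponse instatresponse = new DescribeInstanceStatusResponse();
        try
        {
            instatresponse = ec2.DescribeInstanceStatus(request);
        }
        catch (Exception ex)
        {
            // The original dropped this error, which made a failed scan look like an
            // account without instances. Record it the way the sibling scans do.
            WriteToEventLog("EC2 scan of " + aprofile + "/" + Region2Scan + " failed:\n" + ex.Message, EventLogEntryType.Error);
        }

        DescribeInstancesResponse DescResult = ec2.DescribeInstances();

        // Build data dictionary of instances, keyed by instance id. Repeated ids are skipped.
        Dictionary<String, Instance> Bunchadata = new Dictionary<string, Instance>();
        foreach (var urtburgle in DescResult.Reservations)
        {
            foreach (var instancedata in urtburgle.Instances)
            {
                if (!String.IsNullOrEmpty(instancedata.InstanceId) && !Bunchadata.ContainsKey(instancedata.InstanceId))
                {
                    Bunchadata.Add(instancedata.InstanceId, instancedata);
                }
            }
        }

        // Go through list of instances...
        foreach (var instat in instatresponse.InstanceStatuses)
        {
            string instanceid = instat.InstanceId;

            Instance thisinstance;
            if (String.IsNullOrEmpty(instanceid) || !Bunchadata.TryGetValue(instanceid, out thisinstance))
            {
                // No description for this status entry: nothing to report.
                continue;
            }

            DataRow thisinstancedatarow = ToReturn.NewRow();

            // Collect the values taken from the status entry.
            string instancename = "";
            var status = instat.Status.Status;
            string AZ = instat.AvailabilityZone;
            var istate = instat.InstanceState.Name;
            string profile = aprofile;
            string myregion = Region2Scan;
            int eventnumber = instat.Events.Count();

            // Termination protection needs its own call per instance.
            var atreq = new DescribeInstanceAttributeRequest();
            atreq.InstanceId = instanceid;
            atreq.Attribute = "disableApiTermination";
            var atresp = ec2.DescribeInstanceAttribute(atreq).InstanceAttribute;
            string TerminationProtection = atresp.DisableApiTermination.ToString();

            List<string> tags = new List<string>();
            foreach (var atag in thisinstance.Tags)
            {
                tags.Add(atag.Key + ": " + atag.Value);
                if (atag.Key.Equals("Name"))
                {
                    instancename = atag.Value;
                }
            }

            List<string> eventlist = new List<string>();
            if (eventnumber > 0)
            {
                foreach (var anevent in instat.Events)
                {
                    eventlist.Add(anevent.Description);
                }
            }

            // A missing platform value is reported as "Linux", as the original did.
            String platform = thisinstance.Platform != null ? thisinstance.Platform.Value : null;
            if (String.IsNullOrEmpty(platform))
            {
                platform = "Linux";
            }

            String Priv_IP = thisinstance.PrivateIpAddress;
            if (String.IsNullOrEmpty(Priv_IP))
            {
                Priv_IP = "?";
            }

            String publicIP = thisinstance.PublicIpAddress;
            if (String.IsNullOrEmpty(publicIP))
            {
                publicIP = "";
            }

            String publicDNS = thisinstance.PublicDnsName;
            if (String.IsNullOrEmpty(publicDNS))
            {
                publicDNS = "";
            }

            string myvpcid = thisinstance.VpcId;
            if (String.IsNullOrEmpty(myvpcid))
            {
                myvpcid = "";
            }

            string mysubnetid = thisinstance.SubnetId;
            if (String.IsNullOrEmpty(mysubnetid))
            {
                mysubnetid = "";
            }

            // Virtualization type (HVM, Paravirtual)
            string ivirtType = "";
            try
            {
                ivirtType = thisinstance.VirtualizationType;
            }
            catch (Exception)
            {
                // Kept from the original: a value that cannot be read is reported as "?".
                ivirtType = "";
            }
            if (String.IsNullOrEmpty(ivirtType))
            {
                ivirtType = "?";
            }

            // InstanceType (m3/Large etc)
            String instancetype = thisinstance.InstanceType != null ? thisinstance.InstanceType.Value : null;
            if (String.IsNullOrEmpty(instancetype))
            {
                instancetype = "?";
            }

            // AMI data: one DescribeImages call per instance that has an image id.
            string AMI = thisinstance.ImageId;
            string AMIName = "";
            string AMIDesc = "";
            string AMILocation = "";
            string AMIState = "";
            if (string.IsNullOrEmpty(AMI))
            {
                AMI = "";
            }
            else
            {
                DescribeImagesRequest DIR = new DescribeImagesRequest();
                DIR.ImageIds.Add(AMI);
                var idata = ec2.DescribeImages(DIR).Images;
                try
                {
                    if (idata.Count > 0)
                    {
                        AMIDesc = idata[0].Description;
                        AMIName = idata[0].Name;
                        AMILocation = idata[0].ImageLocation;
                        AMIState = idata[0].State;
                    }
                    else
                    {
                        // The image is no longer visible to this account.
                        AMIDesc = "na";
                        AMIName = "na";
                        AMILocation = "na";
                        AMIState = "na";
                    }

                    if (String.IsNullOrEmpty(AMIDesc))
                    {
                        AMIDesc = "";
                    }
                    if (String.IsNullOrEmpty(AMIName))
                    {
                        AMIName = "";
                    }
                }
                catch (Exception ex)
                {
                    // Best effort, as before, but no longer silent.
                    WriteToEventLog("AMI details for " + instanceid + " on " + aprofile + " failed:\n" + ex.Message, EventLogEntryType.Warning);
                }
            }

            List<string> SGids = new List<string>();
            List<String> SGNames = new List<string>();
            foreach (var wabbit in thisinstance.SecurityGroups)
            {
                SGids.Add(wabbit.GroupId);
                SGNames.Add(wabbit.GroupName);
            }

            // An instance without security groups is reported with a placeholder id.
            if (SGids.Count < 1)
            {
                SGids.Add("NullOrEmpty");
            }
            if (SGNames.Count < 1)
            {
                SGNames.Add("");
            }
            if (String.IsNullOrEmpty(SGids[0]))
            {
                SGids[0] = "NullOrEmpty";
            }
            if (String.IsNullOrEmpty(SGNames[0]))
            {
                SGNames[0] = "";
            }
            if (String.IsNullOrEmpty(instancename))
            {
                instancename = "";
            }

            // The column names depend on the table created by AWSTables.GetComponentTable("EC2").
            thisinstancedatarow["AccountID"] = accountid;
            thisinstancedatarow["Profile"] = profile;
            thisinstancedatarow["Region"] = myregion;
            thisinstancedatarow["InstanceName"] = instancename;
            thisinstancedatarow["InstanceID"] = instanceid;
            thisinstancedatarow["TerminationProtection"] = TerminationProtection;
            thisinstancedatarow["AMI"] = AMI;
            thisinstancedatarow["AMIState"] = AMIState;
            thisinstancedatarow["AMILocation"] = AMILocation;
            thisinstancedatarow["AMIDescription"] = AMIDesc;
            thisinstancedatarow["AvailabilityZone"] = AZ;
            thisinstancedatarow["Status"] = status;
            thisinstancedatarow["Events"] = eventnumber.ToString();
            thisinstancedatarow["EventList"] = List2String(eventlist);
            thisinstancedatarow["Tags"] = List2String(tags);
            thisinstancedatarow["PrivateIP"] = Priv_IP;
            thisinstancedatarow["PublicIP"] = publicIP;
            thisinstancedatarow["PublicDNS"] = publicDNS;
            thisinstancedatarow["VPC"] = myvpcid;
            thisinstancedatarow["SubnetID"] = mysubnetid;
            thisinstancedatarow["InstanceState"] = istate.Value;
            thisinstancedatarow["VirtualizationType"] = ivirtType;
            thisinstancedatarow["InstanceType"] = instancetype;
            thisinstancedatarow["SecurityGroups"] = List2String(SGids);
            thisinstancedatarow["SGNames"] = List2String(SGNames);

            // Add this instance to the data returned.
            ToReturn.Rows.Add(thisinstancedatarow);
        }
    }

    return ToReturn;
}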
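/// <summary>
/// Lists the subnets visible to a stored credential profile in one region and returns
/// them as rows of the table produced by AWSTables.GetComponentTable("Subnets").
/// </summary>
/// <param name="aprofile">Name of the stored SDK credential profile to use.</param>
/// <param name="Region2Scan">Region display name, matched against RegionEndpoint.DisplayName.</param>
/// <returns>
/// The filled table. On failure the error is written to the event log and the rows
/// gathered so far are returned.
/// </returns>
public DataTable GetSubnets(string aprofile, string Region2Scan)
{
    string accountid = GetAccountID(aprofile);

    // Convert the Region2Scan to an AWS Endpoint.
    // NOTE(review): a name that matches nothing silently scans US East 1 - confirm.
    RegionEndpoint Endpoint2scan = RegionEndpoint.USEast1;
    foreach (var aregion in RegionEndpoint.EnumerableAllRegions)
    {
        if (aregion.DisplayName.Equals(Region2Scan))
        {
            Endpoint2scan = aregion;
            break;
        }
    }

    DataTable ToReturn = AWSTables.GetComponentTable("Subnets");
    try
    {
        Amazon.Runtime.AWSCredentials credential = new Amazon.Runtime.StoredProfileAWSCredentials(aprofile);

        // Release the client after the scan; the original never disposed it.
        using (var ec2 = new Amazon.EC2.AmazonEC2Client(credential, Endpoint2scan))
        {
            foreach (var asubnet in ec2.DescribeSubnets().Subnets)
            {
                DataRow disone = ToReturn.NewRow();
                disone["AccountID"] = accountid;
                disone["Profile"] = aprofile;
                disone["AvailabilityZone"] = asubnet.AvailabilityZone;
                disone["AvailableIPCount"] = asubnet.AvailableIpAddressCount.ToString();
                disone["Cidr"] = asubnet.CidrBlock;

                // Derive the address range of the subnet from its CIDR block.
                System.Net.IPNetwork danetwork = System.Net.IPNetwork.Parse(asubnet.CidrBlock);
                disone["[Network]"] = danetwork.Network;
                disone["[Netmask]"] = danetwork.Netmask;
                disone["[Broadcast]"] = danetwork.Broadcast;
                disone["[FirstUsable]"] = danetwork.FirstUsable;
                disone["[LastUsable]"] = danetwork.LastUsable;

                disone["DefaultForAZ"] = asubnet.DefaultForAz.ToString();
                disone["MapPubIPonLaunch"] = asubnet.MapPublicIpOnLaunch.ToString();
                disone["State"] = asubnet.State;
                disone["SubnetID"] = asubnet.SubnetId;

                List<string> taglist = new List<string>();
                foreach (var atag in asubnet.Tags)
                {
                    taglist.Add(atag.Key + ": " + atag.Value);
                    if (atag.Key.Equals("Name"))
                    {
                        disone["SubnetName"] = atag.Value;
                    }
                }
                disone["Tags"] = List2String(taglist);
                disone["VpcID"] = asubnet.VpcId;

                ToReturn.Rows.Add(disone);
            }
        }
    }
    catch (Exception ex)
    {
        // The original discarded the error, so a failed scan looked like a region
        // without subnets. Report it the same way the other scans in this class do.
        WriteToEventLog("Subnet scan of " + aprofile + " failed:\n" + ex.Message, EventLogEntryType.Error);
    }

    return ToReturn;
}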
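/// <summary>
/// Lists the EBS volumes visible to a stored credential profile in one region and
/// returns them as rows of the table produced by AWSTables.GetEBSDetailsTable().
/// </summary>
/// <remarks>
/// The Encrypted and KMSKeyID columns make this table usable for spotting unencrypted
/// volumes, which is only reliable when every page of results has been read.
/// </remarks>
/// <param name="aprofile">Name of the stored SDK credential profile to use.</param>
/// <param name="Region2Scan">Region display name, matched against RegionEndpoint.DisplayName.</param>
/// <returns>
/// The filled table. On failure the error is written to the event log and the rows
/// gathered so far are returned.
/// </returns>
public DataTable GetEBSDetails(string aprofile, string Region2Scan)
{
    DataTable ToReturn = AWSTables.GetEBSDetailsTable();
    string accountid = GetAccountID(aprofile);

    // Convert the Region2Scan to an AWS Endpoint.
    // NOTE(review): a name that matches nothing silently scans US East 1 - confirm.
    RegionEndpoint Endpoint2scan = RegionEndpoint.USEast1;
    foreach (var aregion in RegionEndpoint.EnumerableAllRegions)
    {
        if (aregion.DisplayName.Equals(Region2Scan))
        {
            Endpoint2scan = aregion;
            break;
        }
    }

    try
    {
        Amazon.Runtime.AWSCredentials credential = new Amazon.Runtime.StoredProfileAWSCredentials(aprofile);

        // Release the client after the scan; the original never disposed it.
        using (var ec2 = new Amazon.EC2.AmazonEC2Client(credential, Endpoint2scan))
        {
            // Describe volumes has a max limit, so every page has to be collected.
            // The original re-added the first page on each round and never read the
            // volumes of the following pages; each response is now consumed once.
            DescribeVolumesRequest requesty = new DescribeVolumesRequest();
            requesty.MaxResults = 1000;

            List<Volume> vollist = new List<Volume>();
            var volres = ec2.DescribeVolumes(requesty);
            vollist.AddRange(volres.Volumes);
            while (!String.IsNullOrEmpty(volres.NextToken))
            {
                requesty.NextToken = volres.NextToken;
                volres = ec2.DescribeVolumes(requesty);
                vollist.AddRange(volres.Volumes);
            }

            foreach (var onevol in vollist)
            {
                var arow = ToReturn.NewRow();
                arow["AccountID"] = accountid;
                arow["Profile"] = aprofile;
                arow["Region"] = Region2Scan;
                arow["AZ"] = onevol.AvailabilityZone;
                arow["CreateTime"] = onevol.CreateTime.ToString();
                arow["Encrypted"] = onevol.Encrypted.ToString();
                arow["IOPS"] = onevol.Iops;
                arow["KMSKeyID"] = onevol.KmsKeyId;
                arow["Size-G"] = onevol.Size;
                arow["SnapshotID"] = onevol.SnapshotId;
                arow["State"] = onevol.State.Value;
                arow["VolumeID"] = onevol.VolumeId;
                arow["VolumeType"] = onevol.VolumeType.Value;

                List<string> taglist = new List<string>();
                foreach (var atag in onevol.Tags)
                {
                    taglist.Add(atag.Key + ": " + atag.Value);
                }
                arow["Tags"] = List2String(taglist);

                // Only the first attachment is reported in detail.
                var atachs = onevol.Attachments;
                arow["Attachments"] = atachs.Count.ToString();
                if (atachs.Count > 0)
                {
                    arow["AttachTime"] = atachs[0].AttachTime;
                    arow["DeleteonTerm"] = atachs[0].DeleteOnTermination;
                    arow["Device"] = atachs[0].Device;
                    arow["InstanceID"] = atachs[0].InstanceId;
                    arow["AttachState"] = atachs[0].State;
                }

                ToReturn.Rows.Add(arow);
            }
        }
    }
    catch (Exception ex)
    {
        WriteToEventLog("EBS on " + aprofile + " failed:\n" + ex.Message, EventLogEntryType.Error);
    }

    return ToReturn;
}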
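/// <summary>
/// Finds Windows instances in one region that were launched from public images whose
/// description matches one of the DeprecatedDescriptions patterns.
/// </summary>
/// <remarks>
/// Three steps: collect the distinct image ids of Windows instances, ask EC2 which of
/// those images are public and match a deprecated description, then list the instances
/// that use each affected image. Progress is written to the console.
/// </remarks>
/// <param name="currentRegion">Region to inspect.</param>
/// <returns>One entry per affected instance; empty when nothing matches.</returns>
public async Task<IEnumerable<Ec2InstanceImage>> GetDeprecatedInstanceIds(Amazon.RegionEndpoint currentRegion)
{
    List<Ec2InstanceImage> lstInstances = new List<Ec2InstanceImage>();
    List<string> lstImageIds = new List<string>();
    List<Image> lstAffectedImages = new List<Image>();

    // NOTE(review): where AwsSdkVending.AccessKeyId / SecretKey come from is not visible
    // here - confirm they are not literals kept in source.
    // The client is released when the method ends; the original never disposed it.
    using (Amazon.EC2.AmazonEC2Client ec2Client = new Amazon.EC2.AmazonEC2Client(AwsSdkVending.AccessKeyId, AwsSdkVending.SecretKey, currentRegion))
    {
        string NextToken = null;
        do
        {
            var describeRequest = new DescribeInstancesRequest();
            describeRequest.Filters = new List<Filter>();
            describeRequest.Filters.Add(new Filter("platform", new List<string> { "windows" }));
            describeRequest.Filters.Add(new Filter("instance-state-name", new List<string> { "pending", "running", "shutting-down", "stopping", "stopped" }));
            describeRequest.NextToken = NextToken;

            var describeInstancesResult = await ec2Client.DescribeInstancesAsync(describeRequest);

            // The continuation token comes from the response. The original read it back
            // from the request, so only the first page of instances was ever inspected.
            NextToken = describeInstancesResult.NextToken;

            foreach (var instance in describeInstancesResult.Reservations.SelectMany(r => r.Instances))
            {
                if (!lstImageIds.Contains(instance.ImageId))
                {
                    lstImageIds.Add(instance.ImageId);
                }
            }
        }
        while (!string.IsNullOrEmpty(NextToken));

        if (lstImageIds.Count > 0)
        {
            var describeImagesRequest = new DescribeImagesRequest { ImageIds = lstImageIds };
            describeImagesRequest.Filters = new List<Filter>();
            describeImagesRequest.Filters.Add(new Filter { Name = "is-public", Values = new List<string> { "true" } });

            var describeImagesResult = await ec2Client.DescribeImagesAsync(describeImagesRequest);
            foreach (var currentImage in describeImagesResult.Images)
            {
                if (string.IsNullOrEmpty(currentImage.Description))
                {
                    continue;
                }

                if (DeprecatedDescriptions.Any(d => Regex.IsMatch(currentImage.Description, d, RegexOptions.IgnoreCase)))
                {
                    lstAffectedImages.Add(currentImage);
                    Console.WriteLine($"{currentImage.ImageId} - {currentImage.Description} is facing deprecation");
                }
            }

            Console.WriteLine($"{lstAffectedImages.Count} images are marked for deprecation in {currentRegion.DisplayName}");
        }

        foreach (var image in lstAffectedImages)
        {
            // Each image gets its own paging state.
            string pageToken = null;
            do
            {
                var describeInstancesRequest = new DescribeInstancesRequest();
                describeInstancesRequest.Filters = new List<Filter>();
                describeInstancesRequest.Filters.Add(new Filter("image-id", new List<string> { image.ImageId }));
                describeInstancesRequest.Filters.Add(new Filter("instance-state-name", new List<string> { "pending", "running", "shutting-down", "stopping", "stopped" }));
                describeInstancesRequest.NextToken = pageToken;

                var describeInstancesResult = await ec2Client.DescribeInstancesAsync(describeInstancesRequest);
                pageToken = describeInstancesResult.NextToken;

                foreach (var instance in describeInstancesResult.Reservations.SelectMany(r => r.Instances))
                {
                    lstInstances.Add(new Ec2InstanceImage
                    {
                        Region = currentRegion.DisplayName,
                        ImageDescription = image.Description,
                        ImageId = image.ImageId,
                        ImageName = image.Name,
                        InstanceId = instance.InstanceId
                    });
                    Console.WriteLine($"Instance {instance.InstanceId} in {currentRegion.DisplayName} ({image.Name}) is marked for deprecation and needs to be snapshotted.");
                }
            }
            while (!string.IsNullOrEmpty(pageToken));
        }
    }

    return lstInstances;
}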
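/// <summary>
/// Maintains security group ingress rules in ap-southeast-2 from bracketed tags kept in
/// each IPv4 range description:
/// <c>[fqdn=host]</c> keeps the range pointed at the host's current IPv4 address (/32);
/// <c>[expiry=when]</c> rewrites a free-form date into <c>yyyy-MM-dd HH:mm</c> and revokes
/// the range once that time has passed.
/// </summary>
/// <remarks>
/// Review notes:
/// - The rule follows DNS and the description text, so whoever can edit rule
///   descriptions or the DNS record for a tagged name decides which address is let in.
/// - An fqdn change revokes the old range before authorizing the new one; if the second
///   call fails the range is gone until the next run.
/// - NOTE(review): expiry is compared with DateTime.Now, i.e. the local clock of the
///   host - confirm the tags are written in the same time zone.
/// </remarks>
/// <param name="args">Not used.</param>
static void Main(string[] args)
{
    Amazon.EC2.AmazonEC2Client ec2 = new Amazon.EC2.AmazonEC2Client(RegionEndpoint.APSoutheast2);

    // Matches one bracketed tag, allowing a single level of nested brackets.
    // Built once instead of once per range.
    var rulesRegex = new Regex(@"\[(?:\[[^\[\]]*\]|[^\[\]])*\]", RegexOptions.None);

    var securityGroups = ec2.DescribeSecurityGroupsAsync().Result.SecurityGroups;
    foreach (var securityGroup in securityGroups)
    {
        var dict = securityGroup.IpPermissions.ToList();
        foreach (var rule in dict)
        {
            if (rule.Ipv4Ranges == null)
            {
                continue;
            }

            foreach (var ipv4rule in rule.Ipv4Ranges.ToList())
            {
                if (ipv4rule.Description == null)
                {
                    continue;
                }

                // Snapshot the matches: the description may be rewritten below.
                var m = rulesRegex.Matches(ipv4rule.Description).ToList();
                foreach (Match g in m)
                {
                    // Only the first key=value pair of a tag is used. A tag that is not
                    // key=value is skipped; the original threw on it and stopped the run,
                    // which also left every later rule unprocessed.
                    var segments = g.Value.Split(new[] { '[', ']' }, StringSplitOptions.RemoveEmptyEntries);
                    if (segments.Length == 0)
                    {
                        continue;
                    }

                    var pair = segments[0].Split('=');
                    if (pair.Length < 2)
                    {
                        continue;
                    }

                    var tagKey = pair[0];
                    var tagValue = pair[1];

                    if (tagKey == "fqdn")
                    {
                        // Resolve before touching the rule, and accept IPv4 only: an IPv6
                        // answer with "/32" is not a valid IPv4 range, and the original
                        // would have revoked the old range before finding that out.
                        System.Net.IPAddress resolved;
                        try
                        {
                            resolved = Dns.GetHostEntry(tagValue).AddressList
                                .FirstOrDefault(a => a.AddressFamily == System.Net.Sockets.AddressFamily.InterNetwork);
                        }
                        catch (System.Net.Sockets.SocketException ex)
                        {
                            Console.WriteLine($"Could not resolve {tagValue}: {ex.Message}. Rule left unchanged.");
                            continue;
                        }

                        if (resolved == null)
                        {
                            Console.WriteLine($"No IPv4 address for {tagValue}. Rule left unchanged.");
                            continue;
                        }

                        var newIP = resolved.ToString() + "/32";
                        if (ipv4rule.CidrIp == newIP)
                        {
                            Console.WriteLine("Didn't update security group. Cidr Still matches");
                        }
                        else
                        {
                            IpPermission oldPermission = new IpPermission { FromPort = rule.FromPort, IpProtocol = rule.IpProtocol, ToPort = rule.ToPort };
                            oldPermission.Ipv4Ranges.Add(ipv4rule);
                            var oldlistofpermissions = new List<IpPermission>();
                            oldlistofpermissions.Add(oldPermission);

                            // revoke that one rule.
                            ec2.RevokeSecurityGroupIngressAsync(new Amazon.EC2.Model.RevokeSecurityGroupIngressRequest
                            {
                                GroupId = securityGroup.GroupId,
                                IpPermissions = oldlistofpermissions
                            }).Wait();

                            // add the new one.
                            IpPermission newPermission = new IpPermission { FromPort = rule.FromPort, IpProtocol = rule.IpProtocol, ToPort = rule.ToPort };
                            var newiprange = new IpRange();
                            newiprange.CidrIp = newIP;
                            newiprange.Description = ipv4rule.Description;
                            newPermission.Ipv4Ranges.Add(newiprange);
                            var newlistofpermissions = new List<IpPermission>();
                            newlistofpermissions.Add(newPermission);

                            ec2.AuthorizeSecurityGroupIngressAsync(new Amazon.EC2.Model.AuthorizeSecurityGroupIngressRequest
                            {
                                GroupId = securityGroup.GroupId,
                                IpPermissions = newlistofpermissions
                            }).Wait();

                            // Later tags of the same description (for example an expiry)
                            // must address the range that now exists, not the revoked one.
                            ipv4rule.CidrIp = newIP;
                        }
                    }

                    if (tagKey == "expiry")
                    {
                        var isDate = DateTime.TryParse(tagValue, out DateTime expiry);
                        if (!isDate)
                        {
                            // Free-form text: let Chronic interpret it and store the result
                            // back in a fixed format so the next run can parse it directly.
                            var chronic = new Chronic.Parser();
                            var parsed = chronic.Parse(tagValue, new Chronic.Options { EndianPrecedence = Chronic.EndianPrecedence.Little });
                            if (parsed == null)
                            {
                                // An expiry that cannot be read never fires; say so rather
                                // than stopping the whole run on a null result.
                                Console.WriteLine($"Could not interpret expiry '{tagValue}' on group {securityGroup.GroupId}. Rule left unchanged.");
                                continue;
                            }

                            expiry = parsed.ToTime();
                            ipv4rule.Description = ipv4rule.Description.Replace(g.Value, $"[expiry={expiry.ToString("yyyy-MM-dd HH:mm")}]");

                            IpPermission newPermission = new IpPermission { FromPort = rule.FromPort, IpProtocol = rule.IpProtocol, ToPort = rule.ToPort };
                            var newiprange = new IpRange();
                            newiprange.Description = ipv4rule.Description;
                            newiprange.CidrIp = ipv4rule.CidrIp;
                            newPermission.Ipv4Ranges.Add(newiprange);
                            var newlistofpermissions = new List<IpPermission>();
                            newlistofpermissions.Add(newPermission);

                            ec2.UpdateSecurityGroupRuleDescriptionsIngressAsync(new Amazon.EC2.Model.UpdateSecurityGroupRuleDescriptionsIngressRequest
                            {
                                GroupId = securityGroup.GroupId,
                                IpPermissions = newlistofpermissions
                            }).Wait();
                        }
                        else if (expiry < DateTime.Now)
                        {
                            // The rule has outlived its expiry: remove it.
                            IpPermission permission = new IpPermission { FromPort = rule.FromPort, IpProtocol = rule.IpProtocol, ToPort = rule.ToPort };
                            permission.Ipv4Ranges.Add(ipv4rule);
                            var listofpermissions = new List<IpPermission>();
                            listofpermissions.Add(permission);

                            ec2.RevokeSecurityGroupIngressAsync(new Amazon.EC2.Model.RevokeSecurityGroupIngressRequest
                            {
                                GroupId = securityGroup.GroupId,
                                IpPermissions = listofpermissions
                            }).Wait();
                        }
                    }
                }
            }
        }
    }
}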
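/// <summary>
/// Lists the EBS snapshots owned by the account behind a stored credential profile in
/// one region and returns them as rows of AWSTables.GetSnapshotDetailsTable().
/// </summary>
/// <remarks>
/// The Encrypted, KMSKeyID and OwnerID columns make this table usable for reviewing
/// snapshot exposure, which is only reliable when every page of results has been read.
/// </remarks>
/// <param name="aprofile">Name of the stored SDK credential profile to use.</param>
/// <param name="Region2Scan">Region display name, matched against RegionEndpoint.DisplayName.</param>
/// <returns>
/// The filled table. On failure the error is written to the event log and the rows
/// gathered so far are returned.
/// </returns>
public DataTable GetSnapshotDetails(string aprofile, string Region2Scan)
{
    DataTable ToReturn = AWSTables.GetSnapshotDetailsTable();
    string accountid = GetAccountID(aprofile);

    // Convert the Region2Scan to an AWS Endpoint.
    // NOTE(review): a name that matches nothing silently scans US East 1 - confirm.
    RegionEndpoint Endpoint2scan = RegionEndpoint.USEast1;
    foreach (var aregion in RegionEndpoint.EnumerableAllRegions)
    {
        if (aregion.DisplayName.Equals(Region2Scan))
        {
            Endpoint2scan = aregion;
            break;
        }
    }

    try
    {
        Amazon.Runtime.AWSCredentials credential = new Amazon.Runtime.StoredProfileAWSCredentials(aprofile);

        // Release the client after the scan; the original never disposed it.
        using (var ec2 = new Amazon.EC2.AmazonEC2Client(credential, Endpoint2scan))
        {
            // Describe snapshots has a max limit, so every page has to be collected.
            DescribeSnapshotsRequest requesty = new DescribeSnapshotsRequest();
            requesty.MaxResults = 1000;

            // Without an owner filter the call lists every snapshot this account can see,
            // public ones included; only snapshots owned by this account are wanted.
            requesty.OwnerIds.Add("self");

            // The original looped over the first page again for every continuation token
            // and never read the later pages, so owned snapshots beyond the first page
            // were missing. Each response is now consumed once; repeated ids are skipped.
            Dictionary<string, Snapshot> snaplist = new Dictionary<string, Snapshot>();
            var snapres = ec2.DescribeSnapshots(requesty);
            while (true)
            {
                foreach (var av in snapres.Snapshots)
                {
                    if (!snaplist.ContainsKey(av.SnapshotId))
                    {
                        snaplist.Add(av.SnapshotId, av);
                    }
                }

                if (String.IsNullOrEmpty(snapres.NextToken))
                {
                    break;
                }

                requesty.NextToken = snapres.NextToken;
                snapres = ec2.DescribeSnapshots(requesty);
            }

            foreach (var onesnap in snaplist.Values)
            {
                // Second guard on ownership, kept from the original.
                if (!accountid.Equals(onesnap.OwnerId))
                {
                    continue;
                }

                var arow = ToReturn.NewRow();
                arow["AccountID"] = accountid;
                arow["Profile"] = aprofile;
                arow["Region"] = Region2Scan;
                arow["SnapshotID"] = onesnap.SnapshotId;
                arow["Description"] = onesnap.Description;
                arow["VolumeID"] = onesnap.VolumeId;
                arow["VolumeSize-GB"] = onesnap.VolumeSize;
                arow["Encrypted"] = onesnap.Encrypted.ToString();
                arow["KMSKeyID"] = onesnap.KmsKeyId;
                arow["OwnerAlias"] = onesnap.OwnerAlias;
                arow["OwnerID"] = onesnap.OwnerId;
                arow["Progress"] = onesnap.Progress;
                arow["StartTime"] = onesnap.StartTime.ToString();
                arow["State"] = onesnap.State.Value;
                arow["StateMessage"] = onesnap.StateMessage;

                // The column is left unset when the snapshot reports no data encryption key id.
                if (!String.IsNullOrEmpty(onesnap.DataEncryptionKeyId))
                {
                    arow["DataEncryptionKeyID"] = onesnap.DataEncryptionKeyId.ToString();
                }

                List<string> taglist = new List<string>();
                foreach (var atag in onesnap.Tags)
                {
                    taglist.Add(atag.Key + ": " + atag.Value);
                }
                arow["Tags"] = List2String(taglist);

                ToReturn.Rows.Add(arow);
            }
        }
    }
    catch (Exception ex)
    {
        WriteToEventLog("Snapshots on " + aprofile + " failed:\n" + ex.Message, EventLogEntryType.Error);
    }

    return ToReturn;
}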